public function testIsPreflightRequest() { $this->service = new CorsService(); $this->request = new Request(); $this->specify('preflight request is recognized', function () { verify($this->service->isPreflightRequest($this->request))->false(); $this->request->setMethod('OPTIONS'); verify($this->service->isPreflightRequest($this->request))->false(); $this->request->headers->set('Access-Control-Request-Method', 'POST'); verify($this->service->isPreflightRequest($this->request))->false(); $this->request->headers->set('Origin', 'http://foo.com'); verify($this->service->isPreflightRequest($this->request))->true(); }); }
public function testIsRequestAllowed() { $this->service = new CorsService(); $this->request = new Request(); $this->specify('request is not allowed', function () { $this->request->headers->set('Origin', 'http://foo.com'); verify($this->service->isRequestAllowed($this->request))->false(); }); $this->service = new CorsService(['allowOrigins' => ['http://foo.com']]); $this->specify('request is allowed', function () { $this->request->headers->set('Origin', 'http://foo.com'); verify($this->service->isRequestAllowed($this->request))->true(); }); }